ansible: finalize config
This commit is contained in:
parent
9118f64a03
commit
0cc199dd1f
5 changed files with 102 additions and 16 deletions
|
@ -3,5 +3,6 @@
|
|||
sshwifty_internal_port: 8080
|
||||
sshwifty_configuration_directory: "/etc/sshwifty"
|
||||
sshwifty_work_directory: "/var/lib/sshwifty"
|
||||
sshwifty_gateway_access: false
|
||||
|
||||
#
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
---
|
|
@ -1,4 +1,20 @@
|
|||
---
|
||||
# - name: Check sshwifty_* variables are not empty
|
||||
# assert:
|
||||
# that:
|
||||
# sshwifty_configuration_directory
|
||||
# sshwifty_hostname
|
||||
# sshwifty_public_port
|
||||
# sshwifty_shared_key
|
||||
# sshwifty_authentication
|
||||
# sshwifty_ssh_password
|
||||
# sshwifty_ssh_user
|
||||
# sshwifty_internal_port
|
||||
# sshwifty_configuration_directory
|
||||
# sshwifty_work_directory
|
||||
# sshwifty_gateway_access
|
||||
# msg: ""
|
||||
|
||||
- name: Install required system packages
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
|
@ -43,7 +59,7 @@
|
|||
- name: Run SSHwifty
|
||||
community.docker.docker_compose:
|
||||
project_src: "{{ sshwifty_work_directory }}"
|
||||
recreate: smart
|
||||
recreate: always
|
||||
state: present
|
||||
|
||||
#
|
||||
|
|
66
ansible/templates/sshwifty.conf-with-gateway.j2
Normal file
66
ansible/templates/sshwifty.conf-with-gateway.j2
Normal file
|
@ -0,0 +1,66 @@
|
|||
{# vim: set ts=2 sw=2 et ft=jinja2,json : #}
|
||||
{
|
||||
{# "HostName": "localhost", #}
|
||||
"SharedKey": "{{ sshwifty_shared_key }}",
|
||||
"DialTimeout": 10,
|
||||
"Servers": [
|
||||
{
|
||||
"ListenInterface": "0.0.0.0",
|
||||
"ListenPort": 8182,
|
||||
"InitialTimeout": 3,
|
||||
"ReadTimeout": 60,
|
||||
"WriteTimeout": 60,
|
||||
"HeartbeatTimeout": 20,
|
||||
"ReadDelay": 10,
|
||||
"WriteDelay": 10 {# , #}
|
||||
{# "TLSCertificateFile": "", #}
|
||||
{# "TLSCertificateKeyFile": "" #}
|
||||
}
|
||||
],
|
||||
"Presets": [
|
||||
{% for host in groups['role_mongo'] %}
|
||||
{% set server_group_id = loop.index0 // mongo_replicas_count %}
|
||||
{% set server_index = loop.index0 % mongo_replicas_count %}
|
||||
{% set server_ip_addr = hostvars[host]['ansible_facts']['default_ipv4']['address'] %}
|
||||
{% if server_group_id == mongo_group_id %}
|
||||
{
|
||||
"Title": "Group {{ server_group_id }} - Server {{ server_index }} ({{ host }})",
|
||||
"Type": "SSH",
|
||||
"Host": "{{ server_ip_addr }}:22",
|
||||
"Meta": {
|
||||
"User": "{{ sshwifty_ssh_user }}",
|
||||
{% if "password" == sshwifty_authentication | lower %}
|
||||
"Authentication": "Password",
|
||||
"Password": "{{ sshwifty_ssh_password }}",
|
||||
{% else %}
|
||||
"Authentication": "Private Key",
|
||||
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
||||
{% endif %}
|
||||
{# "Fingerprint": home"SHA256:bgO...." #}
|
||||
"Encoding": "utf-8"
|
||||
}
|
||||
}{% if not loop.last %},{% endif %}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
{#
|
||||
{
|
||||
"Title": "Group {{ mongo_group_id }} - Gateway ({{ ansible_facts['hostname'] }})",
|
||||
"Type": "SSH",
|
||||
"Host": "{{ ansible_ssh_host }}:22",
|
||||
"Meta": {
|
||||
"User": "{{ sshwifty_ssh_user }}",
|
||||
{% if "password" == sshwifty_authentication | lower %}
|
||||
"Authentication": "Password",
|
||||
"Password": "{{ sshwifty_ssh_password }}",
|
||||
{% else %}
|
||||
"Authentication": "Private Key",
|
||||
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
||||
{% endif %}
|
||||
{# "Fingerprint": "SHA256:bgO...." #}
|
||||
"Encoding": "utf-8"
|
||||
}
|
||||
}
|
||||
#}
|
||||
],
|
||||
"OnlyAllowPresetRemotes": true
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
{# vim: set ts=2 sw=2 et ft=jinja2,json : #}
|
||||
{# vim: set ts=2 sw=2 et ft=jinja2 : #}
|
||||
{
|
||||
{# "HostName": "localhost", #}
|
||||
"SharedKey": "{{ sshwifty_shared_key }}",
|
||||
|
@ -18,47 +18,49 @@
|
|||
}
|
||||
],
|
||||
"Presets": [
|
||||
{% for host in groups['role_mongo'] %}
|
||||
{% set server_group_id = loop.index0 // mongo_replicas_count %}
|
||||
{% set server_index = loop.index0 % mongo_replicas_count %}
|
||||
{% set server_ip_addr = hostvars[host]['ansible_facts']['default_ipv4']['address'] %}
|
||||
{% if server_group_id == mongo_group_id %}
|
||||
{%- for host in groups['role_mongo'] -%}
|
||||
{%- set server_group_id = loop.index0 // mongo_replicas_count -%}
|
||||
{%- set server_index = loop.index0 % mongo_replicas_count -%}
|
||||
{%- set server_ip_addr = hostvars[host]['ansible_facts']['default_ipv4']['address'] -%}
|
||||
{%- if server_group_id == mongo_group_id -%}
|
||||
{
|
||||
"Title": "Group {{ server_group_id }} - Server {{ server_index }} ({{ host }})",
|
||||
"Type": "SSH",
|
||||
"Host": "{{ server_ip_addr }}:22",
|
||||
"Meta": {
|
||||
"User": "{{ sshwifty_ssh_user }}",
|
||||
{% if "password" == sshwifty_authentication | lower %}
|
||||
{%- if "password" == sshwifty_authentication | lower -%}
|
||||
"Authentication": "Password",
|
||||
"Password": "{{ sshwifty_ssh_password }}",
|
||||
{% else %}
|
||||
{%- else -%}
|
||||
"Authentication": "Private Key",
|
||||
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
||||
{% endif %}
|
||||
{%- endif -%}
|
||||
{# "Fingerprint": home"SHA256:bgO...." #}
|
||||
"Encoding": "utf-8"
|
||||
}
|
||||
},
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
}{%- if sshwifty_gateway_access or (server_index + 1) < mongo_replicas_count -%},{%- endif -%}
|
||||
{%- endif -%}
|
||||
{%- endfor -%}
|
||||
{%- if sshwifty_gateway_access -%}
|
||||
{
|
||||
"Title": "Group {{ mongo_group_id }} - Gateway ({{ ansible_facts['hostname'] }})",
|
||||
"Type": "SSH",
|
||||
"Host": "{{ ansible_ssh_host }}:22",
|
||||
"Meta": {
|
||||
"User": "{{ sshwifty_ssh_user }}",
|
||||
{% if "password" == sshwifty_authentication | lower %}
|
||||
{%- if "password" == sshwifty_authentication | lower -%}
|
||||
"Authentication": "Password",
|
||||
"Password": "{{ sshwifty_ssh_password }}",
|
||||
{% else %}
|
||||
{%- else -%}
|
||||
"Authentication": "Private Key",
|
||||
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
||||
{% endif %}
|
||||
{%- endif -%}
|
||||
{# "Fingerprint": "SHA256:bgO...." #}
|
||||
"Encoding": "utf-8"
|
||||
}
|
||||
}
|
||||
{%- endif -%}
|
||||
],
|
||||
"OnlyAllowPresetRemotes": true
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue